Skip to content

Instantly share code, notes, and snippets.

@astra137

astra137/devcontainers.md

Last active June 9, 2022 10:17
Show Gist options
  • Save astra137/854492841b27827db511143df6cbd128 to your computer and use it in GitHub Desktop.
Save astra137/854492841b27827db511143df6cbd128 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
devcontainers.md

Issue

Remote podman devcontainers are currently broken in VS Code on Windows.

Podman's internal SSH client explodes when trying to access the Windows ssh-agent pipe.

Cannot connect to Podman. Please verify your connection to the Linux system using `podman system connection list`, or try `podman machine init` and `podman machine start` to manage a new Linux VM
Error: unable to connect to Podman. failed to create sshClient: dial unix \\.\pipe\openssh-ssh-agent: connect: No connection could be made because the target machine actively refused it.

It does not seem to matter if the ssh-agent Windows service is running or not. I found that podman works perfectly in Terminal through pwsh, powershell, cmd, and Start-Process. I think something in Code's remote containers extension is to blame.

Workaround

This is where I would describe a workaround, if I had one.

Alternative: Local Containers via WSL

If you have spare processing power and can forego remote devcontainers, follow the guidance at https://www.redhat.com/sysadmin/run-podman-windows to prepare podman for local use.

{
	// Visual Studio Code's settings.json...
	"remote.containers.dockerPath": "podman",
	"remote.containers.executeInWSL": true,
	"remote.containers.executeInWSLDistro": "podman-machine-default"
}

SSH-Agent in WSL

  1. Configure Windows ssh-agent service to start automatically
  2. Download npiperelay.exe to somewhere in Windows PATH
  3. Install all three of procps socat openssh-clients in WSL
  4. Create ~/.ssh (manually, using ssh, etc)
  5. Create ~/.bashrc.d/99-wsl-ssh-agent.sh (or edit .zshrc, etc)
# https://stuartleeks.com/posts/wsl-ssh-key-forward-to-windows/
export SSH_AUTH_SOCK=$HOME/.ssh/agent.sock
ALREADY_RUNNING=$(ps | grep -q "[n]piperelay.exe -ei -s //./pipe/openssh-ssh-agent"; echo $?)
if [[ $ALREADY_RUNNING != "0" ]]; then
	if [[ -S $SSH_AUTH_SOCK ]]; then rm $SSH_AUTH_SOCK; fi
	echo "Starting SSH-Agent relay..."
	# setsid to force new session to keep running
	# set socat to listen on $SSH_AUTH_SOCK and forward to npiperelay which then forwards to openssh-ssh-agent on windows
	(setsid socat UNIX-LISTEN:$SSH_AUTH_SOCK,fork EXEC:"npiperelay.exe -ei -s //./pipe/openssh-ssh-agent",nofork &) >/dev/null 2>&1 ;
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment